Your message dated Mon, 12 Apr 2021 19:48:27 +0000 with message-id <e1lw2xr-000dfj...@fasolo.debian.org> and subject line Bug#986622: fixed in clamav 0.103.2+dfsg-1 has caused the Debian Bug report #986622, regarding ClamAV 0.103.2 security patch release to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 986622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: clamav Version: 0.103.0+dfsg-3.1 ClamAV 0.103.2 is a security patch release with the following fixes: CVE-2021-1252 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252>: Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only. CVE-2021-1404 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404>: Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 0.103.1 only. CVE-2021-1405 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405>: Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior. CVE-2021-1386 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1386>: Fix for UnRAR DLL load privilege escalation. Affects 0.103.1 and prior on Windows only.
--- End Message ---
--- Begin Message ---Source: clamav Source-Version: 0.103.2+dfsg-1 Done: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> We believe that the bug you reported is fixed in the latest version of clamav, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 986...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Andrzej Siewior <sebast...@breakpoint.cc> (supplier of updated clamav package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 12 Apr 2021 21:31:08 +0200 Source: clamav Architecture: source Version: 0.103.2+dfsg-1 Distribution: unstable Urgency: medium Maintainer: ClamAV Team <pkg-clamav-de...@lists.alioth.debian.org> Changed-By: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Closes: 986622 Changes: clamav (0.103.2+dfsg-1) unstable; urgency=medium . * Import 0.103.2 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) - Update symbol file. (Closes: #986622). Checksums-Sha1: ec6abbe689364881025ef8980c3b37015eb996d2 2777 clamav_0.103.2+dfsg-1.dsc 461ec3a7b45851e31a1cd9a4458473f9b4dc2677 5123788 clamav_0.103.2+dfsg.orig.tar.xz 2f6896bb20cb32b31edd03dae496e821ac239d06 220248 clamav_0.103.2+dfsg-1.debian.tar.xz Checksums-Sha256: 8754a64602d698ba82d80b673933fb3141ad42e33335966ad688b12a3f269a78 2777 clamav_0.103.2+dfsg-1.dsc 1f5d08342552f4b011521f44dd25e732dc79531ed2b54db385f8520496026371 5123788 clamav_0.103.2+dfsg.orig.tar.xz 9a6827ee763c6734da59277d97514a5a018d307c4976ea5ab44ded6a4479046b 220248 clamav_0.103.2+dfsg-1.debian.tar.xz Files: 6348840ef9cf8b0069d26cb0adf61d93 2777 utils optional clamav_0.103.2+dfsg-1.dsc 246d43d86d170e5aad57d512f4b0f6f8 5123788 utils optional clamav_0.103.2+dfsg.orig.tar.xz c1548d055b0400ed1ae6ad769620a568 220248 utils optional clamav_0.103.2+dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmB0oh0ACgkQBWQfF1cS +lttKQv+OrFkvYOTM0NzFTs7GstLJQNDgcDIIpoCzp7J+EzYqwVL0hiygyjCnEdZ fJGZkZGDFFpS8QEkJTgAOh9Y4dMSEIxpCHCUiz6YmXVdDA6Yp5flBJ5pxXveZP6O 67QMN6Y7V6Q7EERjZ8G+ZImWG/9beZNfCWHV0qHodf3QstpBC5r78539F/rLgA3B TJj06Epq7bTwRQ1i63F/HsVUI2I997JrbSqxX1WPqIKqLjh4akFMhZfMPILDfD/i TkhMCgbbltm5VdpyYIMyPBV9G+rhhamOwcNKkZjNNbLP4WLx4uriwwK/vHelOu8x L4Jvfvv9Vh16+3JpRKyadJuuJ9wV8EfNXQzKv0Vra9/mdBmBFdUXYWiQFaeqNgvX NYvOqxKlQnBcwBP14DqMMpVOtewdjBxmHOeXTHM7I4kUfAo+RURMoN7/j/ryw9GC cuhRsbXxLQwf/zyyFKFqyKr1701l3VXQALWleSqXDsarK8bktHZSzqwYZOlUlDtD RsyyNYc/ =6Ng6 -----END PGP SIGNATURE-----
--- End Message ---
